chime / terraform-aws-alternat

High availability implementation of AWS NAT instances.
MIT License

How many EIPs does alternat need? #113

Closed paymog closed 1 month ago

paymog commented 1 month ago

How many EIPs does alternat need? I just tried to deploy it into my dev aws account and I see


                   │ Error: creating EC2 EIP: operation error EC2: AllocateAddress, https response error StatusCode: 400, RequestID: b5b9a806-0826-463f-ba93-97b56760c75d, api error AddressLimitExceeded: The maximum number of addresses has been reached.
                   │

I see there's a limit of 5 EIPs per account by default. I see that 2 were made


I'm creating an Alternat in 2 zones, us-west-2a and 2b

      new Alternat(this, "alternat", {
        vpcId: clusterVpc.id,
        vpcAzMaps: [
          {
            az: "us-west-2a",
            route_table_ids: [natUsWest2RouteTable.id],
            public_subnet_id: usWest2aSubnet.id,
            private_subnet_ids: [natPrivateUsWest2aSubnet.id],
          },
          {
            az: "us-west-2b",
            route_table_ids: [natUsWest2bRouteTable.id],
            public_subnet_id: usWest2bSubnet.id,
            private_subnet_ids: [natPrivateUsWest2bSubnet.id],
          },
        ],
        maxInstanceLifetime: 0, // disable removing instances for patching
        natInstanceType: "c6gn.medium", // 1.6gbps baseline network capacity (burst to 16gbps), 1vcpu, 2gb ram (might need to bump this)
      })

which would lead me to guess that only 2 EIPs are needed.

paymog commented 1 month ago

It seems like 4 are made

                     # module.alternat.aws_eip.nat_gateway_eips["us-west-2a"] will be created
                     + resource "aws_eip" "nat_gateway_eips" {
                         + allocation_id        = (known after apply)
                         + arn                  = (known after apply)
                         + association_id       = (known after apply)
                         + carrier_ip           = (known after apply)
                         + customer_owned_ip    = (known after apply)
                         + domain               = (known after apply)
                         + id                   = (known after apply)
                         + instance             = (known after apply)
                         + network_border_group = (known after apply)
                         + network_interface    = (known after apply)
goldsky-infra-dev  + private_dns          = (known after apply)
                         + private_ip           = (known after apply)
                         + ptr_record           = (known after apply)
                         + public_dns           = (known after apply)
                         + public_ip            = (known after apply)
                         + public_ipv4_pool     = (known after apply)
                         + tags                 = {
                             + "Name" = "alternat-gateway-eip"
                           }
                         + tags_all             = {
                             + "Name"         = "alternat-gateway-eip"
                             + "map-migrated" = "mig48715"
                           }
                         + vpc                  = (known after apply)
                       }

                     # module.alternat.aws_eip.nat_gateway_eips["us-west-2b"] will be created
                     + resource "aws_eip" "nat_gateway_eips" {
                         + allocation_id        = (known after apply)
                         + arn                  = (known after apply)
goldsky-infra-dev  + association_id       = (known after apply)
                         + carrier_ip           = (known after apply)
                         + customer_owned_ip    = (known after apply)
                         + domain               = (known after apply)
                         + id                   = (known after apply)
                         + instance             = (known after apply)
                         + network_border_group = (known after apply)
                         + network_interface    = (known after apply)
                         + private_dns          = (known after apply)
                         + private_ip           = (known after apply)
                         + ptr_record           = (known after apply)
                         + public_dns           = (known after apply)
                         + public_ip            = (known after apply)
                         + public_ipv4_pool     = (known after apply)
                         + tags                 = {
                             + "Name" = "alternat-gateway-eip"
                           }
goldsky-infra-dev  + tags_all             = {
                             + "Name"         = "alternat-gateway-eip"
                             + "map-migrated" = "mig48715"
                           }
                         + vpc                  = (known after apply)
                       }

                     # module.alternat.aws_eip.nat_instance_eips[0] will be created
                     + resource "aws_eip" "nat_instance_eips" {
                         + allocation_id        = (known after apply)
                         + arn                  = (known after apply)
                         + association_id       = (known after apply)
                         + carrier_ip           = (known after apply)
                         + customer_owned_ip    = (known after apply)
                         + domain               = (known after apply)
                         + id                   = (known after apply)
                         + instance             = (known after apply)
                         + network_border_group = (known after apply)
goldsky-infra-dev  + network_interface    = (known after apply)
                         + private_dns          = (known after apply)
                         + private_ip           = (known after apply)
                         + ptr_record           = (known after apply)
                         + public_dns           = (known after apply)
                         + public_ip            = (known after apply)
                         + public_ipv4_pool     = (known after apply)
                         + tags                 = {
                             + "Name" = "alternat-instance-0"
                           }
                         + tags_all             = {
                             + "Name"         = "alternat-instance-0"
                             + "map-migrated" = "mig48715"
                           }
                         + vpc                  = (known after apply)
                       }

                     # module.alternat.aws_eip.nat_instance_eips[1] will be created
                     + resource "aws_eip" "nat_instance_eips" {
                         + allocation_id        = (known after apply)
goldsky-infra-dev  + arn                  = (known after apply)
                         + association_id       = (known after apply)
                         + carrier_ip           = (known after apply)
                         + customer_owned_ip    = (known after apply)
                         + domain               = (known after apply)
                         + id                   = (known after apply)
                         + instance             = (known after apply)
                         + network_border_group = (known after apply)
                         + network_interface    = (known after apply)
                         + private_dns          = (known after apply)
                         + private_ip           = (known after apply)
                         + ptr_record           = (known after apply)
                         + public_dns           = (known after apply)
                         + public_ip            = (known after apply)
                         + public_ipv4_pool     = (known after apply)
                         + tags                 = {
                             + "Name" = "alternat-instance-1"
goldsky-infra-dev  }
                         + tags_all             = {
                             + "Name"         = "alternat-instance-1"
                             + "map-migrated" = "mig48715"
                           }
                         + vpc                  = (known after apply)
                       }

paymog commented 1 month ago

ah, makes sense that each nat gateway and each nat instance needs its own EIP

bwhaley commented 1 month ago

Yup, you're on it. Alternat uses 2 * num zones, one for each standby gateway, one for each nat instance.
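
A pre-flight check for the situation in this thread, as an added example (not code from the alternat project or from either poster): it counts the `aws_eip` allocations in a Terraform JSON plan and compares them with the quota before `apply` runs. The sample plan is constructed from the four resource addresses shown above; the function names and the `in_use=2` figure are assumptions.

```python
import json
from collections import Counter

DEFAULT_EIP_QUOTA = 5  # default limit quoted in the thread


def _rc(address, name, actions):
    # Helper that builds one constructed resource_changes entry.
    return {"address": address, "type": "aws_eip", "name": name,
            "change": {"actions": actions}}


# Constructed sample shaped like `terraform show -json <planfile>`, using the
# four resource addresses from the plan output in this thread.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _rc('module.alternat.aws_eip.nat_gateway_eips["us-west-2a"]', "nat_gateway_eips", ["create"]),
    _rc('module.alternat.aws_eip.nat_gateway_eips["us-west-2b"]', "nat_gateway_eips", ["create"]),
    _rc("module.alternat.aws_eip.nat_instance_eips[0]", "nat_instance_eips", ["create"]),
    _rc("module.alternat.aws_eip.nat_instance_eips[1]", "nat_instance_eips", ["create"]),
]})


def planned_eip_creates(plan_json):
    """Count aws_eip allocations the plan adds, grouped by resource name."""
    created = Counter()
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_eip":
            continue
        actions = rc.get("change", {}).get("actions", [])
        # ["create"] and ["create", "delete"] (create-before-destroy replace)
        # both allocate a new address before any old one is released;
        # ["delete", "create"] releases first, so it adds nothing at peak.
        if actions and actions[0] == "create":
            created[rc["name"]] += 1
    return dict(created)


def check_eip_quota(plan_json, in_use, quota=DEFAULT_EIP_QUOTA):
    """Compare peak EIP usage (current + planned creates) with the quota."""
    planned = planned_eip_creates(plan_json)
    peak = in_use + sum(planned.values())
    return {"planned": planned, "peak": peak, "quota": quota, "ok": peak <= quota}


if __name__ == "__main__":
    # in_use=2 is an assumed figure for addresses already allocated.
    print(check_eip_quota(SAMPLE_PLAN, in_use=2))
```

In practice `in_use` would come from the number of addresses already allocated in the region and `quota` from the account's current Elastic IP limit.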